Bits, Bytes, and Bourbon
@DecryptedTech
A Technology Journalist and cybersecurity professional. I have a mission to remove the marketing-speak from the information people receive in their news.
There is a misconception that if you enjoy bourbon/whisk(e)y etc. that you drink a lot or all the time and might have an issue with people who do not drink. The majority of friends that I have do not drink all that much and some do not drink at all. Those who do, can throw more…
I have been seeing the usual "don't blame $person" arguments popping up since the Tea debacle and I think it is a bad take. 1 - This line of thinking removes ownership and responsibility 2 - There are Devs who actually do things that impact security in a negative way to make…
😐
macOS catching up to enterprise security features that have already been available for Windows... </tongue-in-cheek> In all seriousness, I am glad to see this available.
📢macOS LAPS in Intune is now available! 🥳 Securely provision a local administrator account during setup assistant for devices going through Automated Device Enrollment and configure the first account as a standard user or an admin. See learn.microsoft.com/intune/intune-… for more info.
AI won't take your job, but someone rooting AI will...
Lovely. Microsoft Copilot Rooted to Gain Unauthorized Root Access to its Backend System share.google/4vJEXlpOQrw28x…
As much as I like and respect Dave Kennedy... I think I am sort of sad about this. ;-)
Based on recent engagements and influence in cybersecurity, the most famous person to visit your profile is Dave Kennedy.
Hey, @grok , who was the most famous person to visit my profile? It doesn't need to be a mutual, don't tag them, just say who it was.
One thing that authoritarian governments do is to control information. They do this under many excuses; protect the children, it is for your own safety, but the criminals, etc. None of these excuses are the real reason. They want control of the information you receive. Many of…
The collection of user data is and always has been a concern. That companies and organizations are still failing to protect it should not be excused. This should be a wakeup call to everyone from end users to organizations/companies. Fix this shit.
I guess the Tea app also stored GPS location for sign-ups? Lol, when you think it couldn't get much worse. My homie actually created these maps apparently, and I didn't even know until like 5 mins ago. Lawsuit WEN?
A long as it does not have that dam smug dogs laughing at me, I am in :-)
We’re two weeks out from @defcon Are you ready to join us in fabulous Las Vegas for a weekend full of shenanigans and mayhem? #DEFCON #DEFCON33 #hackersummercamp
So... did anyone do a code review or an infrastructure review on this environment? Or, was it rushed out in a mad case of FOMO ignoring established best practices?
New development in the Q Developer extension backdoor: An open question was, how did the threat actor get write permissions to the repo? Turns out they stole a token via this technique. aws.amazon.com/security/secur…
Hey @grok who was the most famous person to visit my profile? Doesn’t need to be a mutual, don’t tag them, just say who it was.
To paraphrase Egon Spengler. "This is all bad"
x.com/i/article/1949…
Censorship, much like FUD is never going to end well.
My personal Top 10: Half Life 1 (Black Mesa Remake) Half Life 2 Alyx DOOM 2012 Wolfenstein New Colossus Thief Thief Metal Age System Shock 2 Bioshock FEAR 2
Alright here goes. My top 10 of all time 1. Chrono Trigger 2. Final Fantasy 7 3. Secret of Mana 4. Final Fantasy 3 (US) 5. Expedition 33 6. Metroid Prime 7. Zelda: Link to the Past 8. Halo 9. Goldeneye 10. Super Mario World Honorable mentions that may slip in and out of this…
I will have two types of stickers at Black Hat and Def Con this year. Come find me to get one. :-)
Hmmm, isn't this interesting? 300+ companies. Tell me talent acquisition isn't broken.
Arizona Woman Sentenced for $17M Information Technology Worker Fraud Scheme that Generated Revenue for North Korea fbi.gov/news/press-rel… @FBIPhoenix
Payment card companies should not be able to act as their own form of government or law enforcement. They have abused their power and almost cartel like control for far too long.
🧵🧵🧵This is my attempt to map Visa and Mastercard Censorship. This is in regards to @CollectiveShout taking ownership of pushing them, but this timeline shows activity back to 2016 for @visa and @mastercard This thread will break down segments, and provide close ups.…
Fun Fact. I own a Red Digital Cinema Hydrogen One Phone an amazing 3d phone) and a LumePad2 I once took a really cool picture of a beer glass that was almost empty in 2019. It is still number 2 on their most liked list in the Leia Pics app (think of as 3D Instagram without the…
I have seen this abusing the known/trusted apps policy as well.
The replies to this blew me away 😅 lots of sharp minds here. The real answer? OAuth Consent Phishing + Token Replay APT-grade tradecraft used by the big dogs like APT29. Even Microsoft got hit with this. 🧵Here’s how it works:
In it to win it,,,, are you really that committed?